<?php

$server = "uat";
$host="localhost"; // Host name
$username="z247s504_admin"; // Mysql username
$password="PxLpCd07"; // Mysql password
$database="z247s504_uat"; // Mysql Database

$con = mysql_connect($host,$username,$password);
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db($database, $con);

            
            
			$item_number = $_POST['item_number'];
			$item_title = $_POST['item_name'];
            $firstname = $_POST['first_name'];
            $lastname = $_POST['last_name'];
			$address1 = $_POST['address1'];
			$address2 = $_POST['address2'];
			$town = $_POST['town'];
			$postcode = $_POST['postcode'];
            $payeremail = $_POST['email'];
			$payernumber = $_POST['number'];
            $mdate= date('Y-m-d h:i:s',strtotime($paymentdate));
			$date = date('Y/m/d H:i:s');
			$amount = $_POST['amount'];
			$shipping = $_POST['shipping'];

			mysql_query("INSERT INTO cash_payments

(

product_id,
product_name,
first_name,
last_name,
email,
number,
address1,
address2,
payment_status,
source,
shipping,
amount

) 

VALUES

(

'$item_number',
'$item_title',
'$firstname',
'$lastname',
'$payeremail',
'$payernumber',
'$address1',
'$address2',
'Outstanding',
'Online sale',
'$shipping',
'$amount'
) 

"); 


				$query = "SELECT * FROM saddles WHERE product_id = '$item_number'";
				$result = mysql_query($query);
				while($row = mysql_fetch_array($result))
				{
					
					$saddle_row_id = $row['id'];
					$saddle_description = $row['product_description'];
					
				}
					
            		
				mysql_query("UPDATE saddles SET 

				product_status = 'On-trial'
				WHERE product_id = '$item_number'");	
			
			//If the client has an email address then send email	
			if($payeremail !="")
			
			{	
				
				/////////////////////////////
				//Email PURCHASE CONFIRMATION
				/////////////////////////////
				
				    $to      = $payeremail;
					$subject = 'Purchase confirmation';
			
					$message = file_get_contents('admin_files/emails/purchase_confirmation.html');
					$message = $change = str_replace("{CUSTOMER_NAME}", $firstname, $message);
					$message = $change = str_replace("{SADDLE_NAME}", $item_title, $message);
					$message = $change = str_replace("{SADDLE_ROW_ID}", $saddle_row_id, $message);	
					$message = $change = str_replace("{SADDLE_DESCRIPTION}", $saddle_description, $message);	
				
					$headers = "From: 24-7Saddles.com <Sales@24-7saddles.com>\r\n";
					$headers .= "MIME-Version: 1.0\r\n";
					$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

					mail($to, $subject, $message, $headers);
				
				/////
				//End
				/////	
				
			}
			
			header("Location: purchase_landing_page.php");

?>